#include <windows.h>
#include <tlhelp32.h>

#include <cstdio>
#include "iostream"

using namespace std;
// Forward declaration; the definition appears after GetProcess.
void PASS_TPTHREAD(WCHAR ProcessName[]);

// Native API status code. Negative values indicate failure.
using NTSTATUS = LONG;

// Pointer type for ntdll's NtQueryInformationThread export, which this file
// resolves at run time with GetProcAddress.
using NTQUERYINFORMATIONTHREAD = NTSTATUS(WINAPI *)(
    HANDLE ThreadHandle,              // thread to query
    ULONG  ThreadInformationClass,    // a THREADINFOCLASS value
    PVOID  ThreadInformation,         // caller-supplied output buffer
    ULONG  ThreadInformationLength,   // size of that buffer in bytes
    PULONG ReturnLength);             // receives the number of bytes written
// Information classes passed as ThreadInformationClass to
// NtQueryInformationThread. The numeric values are fixed by declaration
// order and are written out here so a reordering cannot shift them silently.
// Only ThreadQuerySetWin32StartAddress is used in this file.
typedef enum _THREADINFOCLASS
{
    ThreadBasicInformation          = 0,
    ThreadTimes                     = 1,
    ThreadPriority                  = 2,
    ThreadBasePriority              = 3,
    ThreadAffinityMask              = 4,
    ThreadImpersonationToken        = 5,
    ThreadDescriptorTableEntry      = 6,
    ThreadEnableAlignmentFaultFixup = 7,
    ThreadEventPair_Reusable        = 8,
    ThreadQuerySetWin32StartAddress = 9,
    ThreadZeroTlsCell               = 10,
    ThreadPerformanceCount          = 11,
    ThreadAmILastThread             = 12,
    ThreadIdealProcessor            = 13,
    ThreadPriorityBoost             = 14,
    ThreadSetTlsArrayAddress        = 15, // Obsolete
    ThreadIsIoPending               = 16,
    ThreadHideFromDebugger          = 17,
    ThreadBreakOnTermination        = 18,
    ThreadSwitchLegacyState         = 19,
    ThreadIsTerminated              = 20,
    ThreadLastSystemCall            = 21,
    ThreadIoPriority                = 22,
    ThreadCycleTime                 = 23,
    ThreadPagePriority              = 24,
    ThreadActualBasePriority        = 25,
    ThreadTebInformation            = 26,
    ThreadCSwitchMon                = 27, // Obsolete
    ThreadCSwitchPmu                = 28,
    ThreadWow64Context              = 29,
    ThreadGroupInformation          = 30,
    ThreadUmsInformation            = 31, // UMS
    ThreadCounterProfiling          = 32,
    ThreadIdealProcessorEx          = 33,
    MaxThreadInfoClass              = 34
} THREADINFOCLASS;
/// Returns the ID of the process that owns the top-level window whose title
/// is ProcessName.
///
/// Despite the parameter name, the lookup is by window title (FindWindowW),
/// not by executable name. The result starts at 0 and is returned unchanged
/// if GetWindowThreadProcessId does not fill it in.
///
/// @param ProcessName  Window title to search for.
/// @return Owning process ID, or the initial 0 when none was written.
DWORD GetProcess(WCHAR ProcessName[])
{
    const HWND targetWindow = FindWindowW(NULL, ProcessName);

    DWORD ownerPid = 0;
    GetWindowThreadProcessId(targetWindow, &ownerPid);
    return ownerPid;
}
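/// Prints the thread ID and Win32 start address of every thread that belongs
/// to the process owning the top-level window titled ProcessName.
///
/// The process is resolved through GetProcess, so ProcessName is a window
/// title. Threads come from a system-wide Toolhelp snapshot and are filtered
/// by owning process before any handle is opened.
///
/// Changes from the previous version:
///  - the start address is read into a pointer-sized buffer; a DWORD is too
///    small on 64-bit builds, so the query failed or the value was truncated;
///  - thread handles and the snapshot handle are closed;
///  - threads are opened with THREAD_QUERY_INFORMATION instead of
///    THREAD_ALL_ACCESS, since the query only reads;
///  - a missing window (PID 0) no longer matches threads that failed to open;
///  - a failed open or query is reported instead of printing a stale address;
///  - std::cout's format flags are restored, so callers are not left in hex mode.
///
/// @param ProcessName  Title of a top-level window of the target process.
void PASS_TPTHREAD(WCHAR ProcessName[])
{
    // Resolve the target once instead of calling FindWindowW for every thread.
    const DWORD targetPid = GetProcess(ProcessName);
    if (targetPid == 0)
    {
        return; // window not found: nothing to enumerate
    }

    // ntdll.dll is already mapped into the process, so take the loaded module
    // rather than adding a reference with LoadLibraryW that is never released.
    const HMODULE hNtdll = GetModuleHandleW(L"ntdll.dll");
    if (hNtdll == NULL)
    {
        return;
    }

    const NTQUERYINFORMATIONTHREAD NtQueryInformationThread =
        reinterpret_cast<NTQUERYINFORMATIONTHREAD>(
            GetProcAddress(hNtdll, "NtQueryInformationThread"));
    if (NtQueryInformationThread == NULL)
    {
        return;
    }

    const HANDLE Snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
    if (Snapshot == INVALID_HANDLE_VALUE)
    {
        return;
    }

    THREADENTRY32 te32;
    te32.dwSize = sizeof(te32); // must be set before Thread32First

    // Remember the caller's formatting so the hex/showbase state does not leak.
    const std::ios::fmtflags savedFlags = std::cout.flags();
    std::cout.setf(std::ios::showbase | std::ios::uppercase);

    if (Thread32First(Snapshot, &te32))
    {
        do
        {
            // The snapshot covers every thread on the system; skip foreign
            // threads without opening a handle to them.
            if (te32.th32OwnerProcessID != targetPid)
            {
                continue;
            }

            PVOID startAddress = NULL;
            bool queried = false;

            const HANDLE hThread =
                OpenThread(THREAD_QUERY_INFORMATION, FALSE, te32.th32ThreadID);
            if (hThread != NULL)
            {
                ULONG returnLength = 0;
                const NTSTATUS status = NtQueryInformationThread(
                    hThread, ThreadQuerySetWin32StartAddress,
                    &startAddress, sizeof(startAddress), &returnLength);
                queried = (status >= 0);
                CloseHandle(hThread);
            }

            if (!queried)
            {
                std::cerr << "thread " << std::dec << te32.th32ThreadID
                          << ": start address unavailable" << std::endl;
                continue;
            }

            std::cout << std::dec << "游戏线程ID:" << te32.th32ThreadID;
            // Print as an integer so the hex/showbase/uppercase format applies.
            std::cout << std::hex << " 线程入口地址:"
                      << reinterpret_cast<ULONG_PTR>(startAddress) << std::endl;
        } while (Thread32Next(Snapshot, &te32));
    }

    std::cout.flags(savedFlags);
    CloseHandle(Snapshot);
}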
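/// Lists the threads of the process that owns the window titled "QQ", then
/// prints the ID of the thread that created that window.
///
/// @return 0 on success, 1 when no window with that title exists.
int main()
{
    // PASS_TPTHREAD takes a non-const WCHAR[]; a wide string literal does not
    // convert to that in conforming C++, so pass a mutable copy.
    WCHAR windowTitle[] = L"QQ";

    // Look the window up once and stop if it is absent, instead of printing
    // a thread ID of 0.
    const HWND window = FindWindowW(NULL, windowTitle);
    if (window == NULL)
    {
        std::cerr << "window not found" << std::endl;
        std::getchar();
        return 1;
    }

    PASS_TPTHREAD(windowTitle);

    // Force decimal so this ID is comparable with the thread IDs listed above,
    // whatever base the stream was left in.
    std::cout << std::dec << "主线程ID="
              << GetWindowThreadProcessId(window, NULL) << std::endl;

    std::getchar(); // keep the console open until a key is pressed
    return 0;
}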
转载于:https://www.cnblogs.com/IMyLife/p/4826260.html